1. Install the Jenkins plugin
https://plugins.jenkins.io/dependency-check-jenkins-plugin/
2. Download and configure Dependency-Check
# Download (into /usr/local/src, where the unzip step below expects the archive)
wget -P /usr/local/src https://github.com/jeremylong/DependencyCheck/releases/download/v9.0.9/dependency-check-9.0.9-release.zip
# Unzip and set up
cd /usr/local/
unzip /usr/local/src/dependency-check-9.0.9-release.zip
# Check the version
./dependency-check/bin/dependency-check.sh --version
3. Configure the Jenkins build job's sonar-scanner (Pipeline code)
// Stages to place inside the pipeline's stages { } block
stage('Dependency-Check') {
    steps {
        // Dependency-Check 9.x pulls vulnerability data from the NVD API; supplying an API key
        // (--nvdApiKey, stored as a Jenkins credential) avoids heavily throttled database updates
        sh '/usr/local/dependency-check/bin/dependency-check.sh -s ./ -f HTML -o ./dependency-check-report.html'
    }
}
stage('Sonarqube') {
    steps {
        script {
            scannerHome = tool 'sonar-scanner'
        }
        withSonarQubeEnv('SonarQube') {
            sh """
                ${scannerHome}/bin/sonar-scanner \
                -Dsonar.projectKey=$JOB_BASE_NAME \
                -Dsonar.projectName=$JOB_BASE_NAME \
                -Dsonar.host.url=http://10.32.161.139:9000 \
                -Dsonar.sourceEncoding=UTF-8 \
                -Dsonar.language=java \
                -Dsonar.projectVersion=v$BUILD_NUMBER \
                -Dsonar.java.binaries=. \
                -Dsonar.sources=. \
                -Dsonar.branch.name=${BRANCH} \
                -Dsonar.dependencyCheck.htmlReportPath=./dependency-check-report.html \
                -Dsonar.dependencyCheck.summarize=true \
                -Dsonar.dependencyCheck.securityHotspot=true
            """
        }
    }
}
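An added example, not part of the original post: Dependency-Check can also emit a JSON report (`-f JSON`), which the SonarQube plugin can read via `sonar.dependencyCheck.jsonReportPath`; the Python below parses such a report and applies a CVSS gate in the spirit of the CLI's `--failOnCVSS` option, so a pipeline can fail the build before results reach SonarQube. The report layout and all values in SAMPLE_REPORT are constructed for illustration.

```python
import json
from typing import Dict, List, Tuple

# Constructed sample in the shape of a dependency-check JSON report:
# a top-level "dependencies" list, each entry with an optional
# "vulnerabilities" list carrying CVSS v3 (or v2) scores. IDs are placeholders.
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"fileName": "library-a-1.0.jar",
         "vulnerabilities": [
             {"name": "CVE-0000-0001", "severity": "CRITICAL",
              "cvssv3": {"baseScore": 9.8}},
             {"name": "CVE-0000-0002", "severity": "MEDIUM",
              "cvssv3": {"baseScore": 5.3}},
         ]},
        {"fileName": "library-b-2.1.jar",
         "vulnerabilities": [
             {"name": "CVE-0000-0003", "severity": "HIGH",
              "cvssv2": {"score": 7.5}},      # v2-only entry
         ]},
        {"fileName": "library-c-3.0.jar"},     # clean dependency, no vulnerabilities key
    ]
})


def vuln_score(vuln: dict) -> float:
    """CVSS v3 base score when present, else the v2 score, else 0.0 (unscored)."""
    v3 = vuln.get("cvssv3") or {}
    if "baseScore" in v3:
        return float(v3["baseScore"])
    return float((vuln.get("cvssv2") or {}).get("score", 0.0))


def findings(report_json: str) -> List[dict]:
    """Flatten the report into one record per (dependency, vulnerability) pair."""
    out = []
    for dep in json.loads(report_json).get("dependencies", []):
        for vuln in dep.get("vulnerabilities") or []:
            out.append({"dependency": dep.get("fileName", "?"),
                        "id": vuln.get("name", "?"),
                        "severity": str(vuln.get("severity", "UNKNOWN")).upper(),
                        "score": vuln_score(vuln)})
    return out


def gate(report_json: str, fail_on_cvss: float = 7.0) -> Tuple[bool, Dict[str, int]]:
    """Fail when any finding scores >= threshold (like --failOnCVSS); also count by severity."""
    counts: Dict[str, int] = {}
    passed = True
    for f in findings(report_json):
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
        if f["score"] >= fail_on_cvss:
            passed = False
    return passed, counts
```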
References:
https://github.com/jeremylong/DependencyCheck